Internet Protocol (“IP”) addressing, such as IPv6 (Internet Protocol version 6), can reveal information about the geographic location of users, providing hackers and other antagonists with the ability to locate users and/or track users' whereabouts. Information is revealed in IP addressing because topological locations in Internet Protocol addresses correlate with specific geographical locations. For example, IPv6 uses a fixed subnet prefix (typically 64 bits in length). Because the subnet prefix appears as clear text in the IPv6 address, and the IPv6 address appears in the packet header of any transmitted information, an antagonist is provided with enough data to create a topological-to-geographical index. Consequently, the antagonist may employ such a correlation of data to pinpoint the geographic location of those using the network.
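The subnet-prefix exposure described above can be made concrete with an added example (not part of the original text). The index entries, site labels and sample addresses are constructed, using the 2001:db8::/32 documentation range; the example goes slightly beyond the text by showing that changing the low 64 bits of an address does not hide the prefix.

```python
import ipaddress

# Constructed topological-to-geographical index (assumption): documentation
# prefixes mapped to made-up site labels.
PREFIX_INDEX = {
    ipaddress.IPv6Network("2001:db8:a::/48"): "Region A",
    ipaddress.IPv6Network("2001:db8:a:10::/64"): "Region A / Building 1",
    ipaddress.IPv6Network("2001:db8:b:20::/64"): "Region B / Campus 2",
}

def split_address(addr):
    """Split an IPv6 address into its clear-text /64 subnet prefix and
    its 64-bit interface identifier."""
    value = int(ipaddress.IPv6Address(addr))
    prefix = ipaddress.IPv6Network(((value >> 64) << 64, 64))
    interface_id = value & ((1 << 64) - 1)
    return prefix, interface_id

def locate(addr):
    """Longest-prefix match of a header source address against the index.
    Returns the site label, or None when no indexed prefix covers it."""
    ip = ipaddress.IPv6Address(addr)
    matches = [net for net in PREFIX_INDEX if ip in net]
    if not matches:
        return None
    return PREFIX_INDEX[max(matches, key=lambda net: net.prefixlen)]

# Constructed source addresses as seen in packet headers: one host that
# changes its interface identifier inside a subnet, then moves subnets.
SAMPLE = [
    "2001:db8:a:10:21a:2bff:fe3c:4d5e",
    "2001:db8:a:10:9c4e:77a1:3f02:b6d8",
    "2001:db8:b:20:5d13:e0c2:81aa:f47",
]

def exposure_report(addresses):
    """For each address, return (subnet prefix, interface id, site label)."""
    report = []
    for addr in addresses:
        prefix, interface_id = split_address(addr)
        report.append((str(prefix), f"{interface_id:016x}", locate(addr)))
    return report

if __name__ == "__main__":
    for prefix, interface_id, site in exposure_report(SAMPLE):
        print(f"{prefix:22} iid={interface_id} -> {site}")
```

The first two addresses differ only in the interface identifier and resolve to the same site, while the third shows the same observer following a move between subnets.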
The field of network security that addresses the problem described above is known as “location privacy security.” Previous schemes attempting to address location privacy security are deficient for various reasons. For instance, in what is known as “Onion” routing, the system is vulnerable to eavesdroppers on the links between the last hop overlay router of a network and the two corresponding hosts. Onion routing also does not protect the location of an end host from malicious software running on the host. Further, common forms of Internet Protocol security (such as the IPsec standard promulgated by the Internet Engineering Task Force, or IETF) cannot be used with Onion routing. Additionally, Onion routing adds significant delays to information routing.
Applications such as Freedom Network (a product by Zero-Knowledge Systems, Inc.) are also deficient, for similar reasons. For instance, Freedom Network does not protect the location of an end host from malicious software running on the host. Further, Freedom Network cannot protect the location privacy of a host that uses IPsec, since a network filter using Freedom Network is unable to change the source IP address. Additionally, the use of Freedom Network adds a significant delay to routing.
Recent attempts to provide location privacy security include the encryption of IP addresses with a single secret key (such a system is disclosed, for example, in copending, commonly assigned, U.S. application Ser. No. 10/284,739). However, compromise of the single secret key may leave open the possibility that an antagonist could have access to the entire privacy domain.